| Age | Commit message (Collapse) | Author |
|---|
|
Fixed issue with notification dropdown not updating active
## What does this MR do?
This fixes an issue where the notification dropdown wouldn't correctly update the selected notification type in the dropdown. I've also added a spinner to show the action is happening & removed the flash message for success.
## What are the relevant issue numbers?
Closes #18480
## Screenshots (if relevant)
See merge request !4615
|
|
Implement custom notification level options
part of #12758
See merge request !4389
|
|
Disable the unlink feature for SAML connected accounts (social login).
This disables the ability to manually unlink your SAML account, if you have one connected. In certain scenarios, the only allowed login mechanism can be SAML, and if you unlink your account you will be locked out of the system (configuration dependent).
Fixes #18613
See merge request !4662
|
|
Allow creating Personal Access Tokens through the website
Related to #2979
- Allow a user to create personal access tokens, and use them to authenticate
- Refactor `API::Helpers` into `API::Helpers::Core` and `API::Helpers::Authentication`
# Tasks
- [ ] #2979 (!3749) - Personal Access Tokens
- [x] Basic Implementation
- [x] Add UI to add "Personal Access Tokens"
- [x] Reload `lib/api` on every request
- [x] Respect these tokens for API requests
- [x] Just a param or a header too?
- [x] Allow revoking tokens
- [x] Expire tokens
- [x] Left bar should have a "PAT" icon
- [x] Scopes?
- [x] Copy to Clipboard
- [x] Show active/inactive tokens separately
- [x] No need to check for expired/revoked in the appropriate places
- [x] Why does regular ApplicationController check for private token?
- [x] Support non-API requests
- [x] Revert (or work on) `lib/api` eager loading
- [x] Create MR
- [x] Refactoring
- [x] Fix tests
- [x] Write more tests
- [x] Add screenshots to MR
- [x] Add description of query performance to MR
- [x] Limit the number of queries in the `personal_access_tokens` page
- [x] Wait for CI to pass
- [x] Fix merge issues in schema.rb
- [x] Assign MR to endboss
- [x] Wait for feedback
- [x] Fix feedback
- [x] Wait for CI to pass
- [x] Assign to @rspeicher
- [x] Fix @rspeicher's comments
- [x] Wait for CI to pass
- [x] Assign back to @rspeicher
- [x] Write documentation and ping @axil
- [x] Wait for Axil to respond
- [x] Assign to endboss
- [x] Address Douwe's feedback
- [x] Use the `private_token` or `authentication_token` param instead of `personal_access_token`
- [x] Ditto for the header
- [x] Assign to endboss
- [x] Make sure CI is green
- [x] Address Douwe's feedback
- [x] Don't go through the `authenticate_user_from_private_token!` method, if a private token is supplied (or combine them)
- [x] In `authenticate_user_from_personal_access_token!` don't hit DB if `token_string` is `nil`
- [x] Use `current_user.personal_access_tokens.build` in the controller
- [x] Remove the "We aren't using `personal_access_token` as the root param" comment
- [x] `No need for = "...", we can just have the Inactive ... #{...} on the next line` in the view
- [x] Render dates in a (more) human format
- [x] CSS issue with table
- [x] Don't show the tokens in the UI indefinitely
- [x] How to implement scopes? Add-on to current impl? Doorkeeper?
- [x] Wait for @DouweM's comments about scopes
- [x] Address @DouweM's second review
- [x] Try not using `native['innerHTML']`
- [x] use contexts for all "when ..."
- [x] Ensure consistency (styling) with other pages for "You don't have any tokens" message
- [x] "Actions" table column doesn't need a label
- [x] %td can be moved outside of the if/else statement
- [x] The header title should be "Profile Settings"
- [x] Can this be a `before_create`, so we don't need to use `generate`?
- [x] If it couldn't be revoked, will we show an error?
- [x] If it couldn't be saved, will we show an error?
- [x] Merge master
- [x] Update CHANGELOG entry
- [x] Add tests for form errors?
- [x] Post screenshots
- [x] Tag @jschatz1 for review
- [x] Wait for [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/0dff6fd/builds) to pass
- [x] Respond to @jschatz1's comments
- [x] Hardcoded colors should be variables
- [x] Should not be allowed to chose a date in the past
- [x] Use the same table as in the Applications tab
- [x] button should say "Create Personal Access Token"
- [x] Float the revoke to the right on the `a`
- [x] Change revocation message. "Are you sure you want to revoke this certificate? This action cannot be undone."
- [x] Date stays selected and looks selected even though date is set as "never".
- [x] ~~hover on the calendar button shifts~~ (not caused by this MR - happens on `milestones#new` as well)
- [x] Don't use the panel for the created token
- [x] Use a normal flash for "Your new personal access token has been created"
- [x] Show the input (with the token) below it full width.
- [x] Put the "Make sure you save it - you won't be able to access it again." message near the input
- [x] Have the input highlight all on single click
- [x] Update screenshots
- [x] Merge master in + conflicts
- [x] Assign to @jschatz1 again
- [x] Respond to @jschatz1's comments
- [x] No button for clipboard, only link
- [x] text-danger
- [x] highlight fade on that area where the token was created
- [x] Make sure [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/d754d99179f1ffe846fcc1d8e858163b39efc5dc/builds) is green
- [x] Assign to @jschatz1
- [x] Wait for [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/faa0e3f7580bc38d4d12916b4589c64d6c2678a7/builds) to pass
- [x] Respond to @DouweM's feedback
- [x] move the redirect_to out of the if/else
- [x] certificate -> token
- [x] datepicker back to text field
- [x] combine the get_user_from_private_token and get_user_from_personal_access_token methods in ApplicationController
- [x] combine the get_user_from_private_token and get_user_from_personal_access_token methods in `lib/api/helpers`
- [x] don't need the new constants
- [x] Wait for [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/9d7cda3ddce52baad9618466a5d00319b333be57/builds) to pass
- [ ] Wait for merge
# Screenshots
See merge request !3749
|
|
has been set up.
- Also change the help message to indicate that an authenticator app is
now a prerequisite for U2F.
|
|
|
|
- Move the `TwoFactorAuthsController`'s `new` action to `show`, since
the page is not used to create a single "two factor auth" anymore. We
can have a single 2FA authenticator app, along with any number of U2F
devices, in any combination, so the page will be accessed after the
first "two factor auth" is created.
- Add the `u2f` javascript library, which provides an API to the
browser's U2F implementation.
- Add tests for the JS components
|
|
Fix grammar and wording in text on various pages.
## What does this MR do?
Fixes various grammatical and/or wording issues I found while copyediting on the plane :)
## Why was this MR needed?
Incorrect grammar and weird/confusing wording makes the product look less polished and professional.
See merge request !4237
|
|
|
|
|
|
|
|
|
|
Updated spacing between notification label and button
Closes #16552
See merge request !3965
|
|
Closes #16552
|
|
Closes #13991
|
|
Main idea is to keep left sidebar static so user is not confused by
changing context. Instead we put changing navigation with changing
content in one main block
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
|
|
|
Standardize the way we check for and display form errors
- Some views had a "Close" button. We've removed this, because we don't
want users accidentally hiding the validation errors and not knowing
what needs to be fixed.
- Some views used `li`, some used `p`, some used `span`. We've
standardized on `li`.
- Some views only showed the first error. We've standardized on showing
all of them.
- Some views added an `#error_explanation` div, which we've made
standard.
See merge request !3531
|
|
|
|
- Some views had a "Close" button. We've removed this, because we don't
want users accidentally hiding the validation errors and not knowing
what needs to be fixed.
- Some views used `li`, some used `p`, some used `span`. We've
standardized on `li`.
- Some views only showed the first error. We've standardized on showing
all of them.
- Some views added an `#error_explanation` div, which we've made
standard.
|
|
Remove 2FA status on enable page
The 2FA status on the enabling page is useless, since it always is `disabled`. A user is enabling 2FA, so he already knows that it is disabled.
### Before
### After
See merge request !3436
|
|
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
|
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
|
* visiting project will create notification setting if missing
* change notification setting per project even without membership
* use notification settings instead of membership on profile page
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
|
Closes #14736
|
|
|
|
Closes #14379
|
|
|
|
|
|
|
|
|
|
Revert the avatar cropping feature
Reverts !2951 since the added 'mini_magick' dependency should be replaced by client-side croppping
See merge request !3223
|
|
Applications tab on profile settings
Closes #13855
See merge request !3031
|
|
This reverts commit 01160fc06182de89c400af174861f6545ad6ceb8, reversing
changes made to 4bff9daf8b6d85e9c78565e21cfaa3f6d36f0282.
|
|
Previously we were doing all of kinds of code gymnastics and flash abuse
in order to work with a Doorkeeper controller but have it _appear_ at
the `/profile/applications` path. Fortunately we can just tell Rails to
use a different controller to handle that route, and we get the best of
both worlds.
|
|
|
|
|
|
Added in disable button for 2fa
|
|
|
|
Closes #13854
|
|
|
|
Fixed heading weight
|
|
Closes #13855
|
|
Prior, we were double-checking `@keys.any?`, and unnecessarily assigning
`is_admin` in a view where it wasn't needed.
|
|
|
|
|
|
|
|
|
|
Closes #13860
|
|
Password settings page
Closes #13858
See merge request !3033
|
